React Native Aria Packages Backdoored in Supply Chain Attack

Multiple React Native Aria packages for GlueStack were backdoored as part of a supply chain attack.

Attackers hid the malicious code in modified versions of various packages using whitespace-based obfuscation, which pushed the malicious code off-screen. The supply chain attack followed the same pattern as the rand-user-agent incident last month, in which a threat actor used an outdated automation token that lacked two-factor authentication protection to publish malicious versions of the package to the npm registry. In response to the attack, the team deprecated the malicious package versions, reverted to clean, verified releases, and launched an audit of access logs and dependencies.
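A defender-side check for the whitespace obfuscation described above, as an added example that is not from the original brief or the GlueStack project: it flags lines of JavaScript where a long run of spaces or tabs is followed by more code. The 80-character threshold, the function name and the sample source are assumptions constructed for illustration.

```javascript
// Added example: report lines where a long whitespace run hides trailing code.
// MIN_GAP is an assumed threshold, not a value taken from the incident reports.
const MIN_GAP = 80;

function findOffscreenCode(source, minGap = MIN_GAP) {
  // The lookbehind anchors each match at the start of a whitespace run, and the
  // lookahead requires real content after it, so trailing blanks are ignored.
  const gapPattern = new RegExp(`(?<![ \\t])[ \\t]{${minGap},}(?=\\S)`, "g");
  const findings = [];
  source.split(/\r?\n/).forEach((text, index) => {
    for (const match of text.matchAll(gapPattern)) {
      const hiddenStart = match.index + match[0].length;
      findings.push({
        line: index + 1,                 // 1-based line number
        column: hiddenStart + 1,         // 1-based column where hidden text begins
        gap: match[0].length,            // width of the whitespace run
        visible: text.slice(0, match.index).trim().slice(0, 40),
        hidden: text.slice(hiddenStart, hiddenStart + 60),
      });
    }
  });
  return findings;
}

// Constructed sample: line 2 carries a harmless placeholder call pushed
// 300 columns to the right; line 4 is ordinary comment alignment.
const sample = [
  "function add(a, b) {",
  "  return a + b;" + " ".repeat(300) + "hiddenCall();",
  "}",
  "const wide = 1;" + " ".repeat(20) + "// aligned comment",
].join("\n");

for (const f of findOffscreenCode(sample)) {
  console.log(`line ${f.line}, col ${f.column}: ${f.gap} blanks before "${f.hidden}"`);
}
```

Run it over the files of a package version before and after an update; a finding that appears only in the new version is worth reading in full with line wrapping enabled.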

Read more:

https://www.securityweek.com/react-native-aria-packages-backdoored-in-supply-chain-attack/